IronNet’s September Threat Intelligence Brief 2022

Microsoft releases a report on its disruption of a Russian cyber-espionage group called SEABORGIUM (COLDRIVER) that has targeted over 30 organizations since the beginning of 2022, primarily in NATO countries and in ...

IronNet’s August Threat Intelligence Brief 2022

Discovered in January 2022, ChromeLoader is a multi-stage browser hijacker/adware campaign that has impacted various victims around the world. ChromeLoader is a multi-stage malware family, meaning each variant has a similar-looking ...

IronNet’s July Threat Intelligence Brief 2022

On June 18th, an IronNet customer in the education sector was targeted in a ransomware attack. Initial investigation of the compromise points to the BlackCat ransomware group as the possible threat actor ...

IronNet’s June Threat Intelligence Brief 2022

On May 4th, Cybereason released a report on a malicious cyberattack campaign by the Chinese state-sponsored APT, Winnti group. The campaign, dubbed Operation CuckooBees, has been targeting technology and manufacturing companies in ...

IronNet’s May Threat Intelligence Brief 2022

On April 12th, the Ukrainian CERT (CERT-UA) reported that the Russian Sandworm Team targeted high-voltage electrical substations in Ukraine using a new variant of a malware known as Industroyer (aka, Crash Override) ...

IronNet’s April Threat Intelligence Brief 2022

The Lapsus$ Group is a cybercriminal group that has attracted much attention after a spate of high-profile attacks on technology companies, including Microsoft, Okta, Samsung, NVIDIA, and Ubisoft. Though the group started ...

IronNet’s March Threat Intelligence Brief 2022

On February 24, 2022, Russian President Vladimir Putin approved troops to begin moving into Ukraine-controlled territory. Since the invasion, several cyber attacks - including DDoS attacks, the deployment of wiper malware, and ...

IronNet’s February Threat Intelligence Brief

In mid-January there were multiple attacks on the Ukrainian government website. Several webpages were wiped and defaced stating that Ukrainian, Russian, and Polish personal data was leaked. Microsoft observed destructive malware activity ...

IronNet’s January Threat Intelligence Brief

Looking back on December, I will say that the big news in the cyber world was, of course, the Log4j vulnerability. A remote code execution (RCE) vulnerability (CVE-2021-44228) with a CVSS score ...

IronNet’s December Threat Intelligence Brief

As we look back on November, we have much to report on, such as an FBI email hoax, where attackers abused insecure code in the Law Enforcement Enterprise Portal (LEEP) to send ...